DNS and DMZ help needed
David A. Bandel
david
Mon May 17 11:53:52 PDT 2004
On Thu, 18 Sep 2003 11:17:56 -0500 (GMT-05:00)
"John C. Voigt" <jcvoigt at earthlink.net> wrote:
> Hi,
>
> I'm in the process of setting up our network at work, as the Feds
> unplugged our old one. We have a Cisco PIX 515 firewall (not ours)
> between the router and our LAN with a DMZ port.
>
> I have a DNS server in the DMZ to answer external queries. DNS is
> NATted from an external IP (68.72.56.147) to the DMZ
> (192.168.100.0/24). The DNS is supposed to answer queries from the
> outside address, and allow zone transfers to our off-site secondary.
> The strange thing is that a query to the DNS server from itself
> (poplar.reclamation.dnr.state.in.us) gives it's correct address
> (68.72.56.147). From our secondary and other nameservers "out there",
> it resolves to it's DMZ address, which of course, is non-routable.
>
> Any help to point me in the right direction on how to correct this
> would be most appreciated.
I assume you're doing split horizon. Which DNS server? If BIND9, what
are entries for your differing views?
Ciao,
David A. Bandel
--
Focus on the dream, not the competition.
Nemesis Racing Team motto
GPG key autoresponder: mailto:david_key at pananix.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.linux-sxs.org/pipermail/linux-users/attachments/20030919/2fea9971/attachment.pgp
More information about the Linux-users
mailing list